Skip to content

Commit

Permalink
filemon: fix watch IDs to avoid potential wraparound issues
Browse files Browse the repository at this point in the history
Watch IDs are allocated from incrementing a int counter against
the QFileMonitor object. In very long life QEMU processes with
a huge amount of USB MTP activity creating & deleting directories
it is just about conceivable that the int counter can wrap
around. This would result in incorrect behaviour of the file
monitor watch APIs due to clashing watch IDs.

Instead of trying to detect this situation, this patch changes
the way watch IDs are allocated. It is turned into an int64_t
variable where the high 32 bits are set from the underlying
inotify "int" ID. This gives an ID that is guaranteed unique
for the directory as a whole, and we can rely on the kernel
to enforce this. QFileMonitor then sets the low 32 bits from
a per-directory counter.

The USB MTP device only sets watches on the directory as a
whole, not files within, so there is no risk of guest
triggered wrap around on the low 32 bits.

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
  • Loading branch information
berrange committed Apr 2, 2019
1 parent ff3dc8f commit b4682a6
Show file tree
Hide file tree
Showing 8 changed files with 105 additions and 90 deletions.
2 changes: 1 addition & 1 deletion authz/listfile.c
Original file line number Diff line number Diff line change
Expand Up @@ -93,7 +93,7 @@ qauthz_list_file_load(QAuthZListFile *fauthz, Error **errp)


static void
qauthz_list_file_event(int wd G_GNUC_UNUSED,
qauthz_list_file_event(int64_t wd G_GNUC_UNUSED,
QFileMonitorEvent ev G_GNUC_UNUSED,
const char *name G_GNUC_UNUSED,
void *opaque)
Expand Down
10 changes: 5 additions & 5 deletions hw/usb/dev-mtp.c
Original file line number Diff line number Diff line change
Expand Up @@ -170,7 +170,7 @@ struct MTPObject {
char *path;
struct stat stat;
/* file monitor watch id */
int watchid;
int64_t watchid;
MTPObject *parent;
uint32_t nchildren;
QLIST_HEAD(, MTPObject) children;
Expand Down Expand Up @@ -498,7 +498,7 @@ static MTPObject *usb_mtp_object_lookup_name(MTPObject *parent,
return NULL;
}

static MTPObject *usb_mtp_object_lookup_id(MTPState *s, int id)
static MTPObject *usb_mtp_object_lookup_id(MTPState *s, int64_t id)
{
MTPObject *iter;

Expand All @@ -511,7 +511,7 @@ static MTPObject *usb_mtp_object_lookup_id(MTPState *s, int id)
return NULL;
}

static void file_monitor_event(int id,
static void file_monitor_event(int64_t id,
QFileMonitorEvent ev,
const char *name,
void *opaque)
Expand Down Expand Up @@ -625,8 +625,8 @@ static void usb_mtp_object_readdir(MTPState *s, MTPObject *o)
}

if (s->file_monitor) {
int id = qemu_file_monitor_add_watch(s->file_monitor, o->path, NULL,
file_monitor_event, s, &err);
int64_t id = qemu_file_monitor_add_watch(s->file_monitor, o->path, NULL,
file_monitor_event, s, &err);
if (id == -1) {
error_report("usb-mtp: failed to add watch for %s: %s", o->path,
error_get_pretty(err));
Expand Down
2 changes: 1 addition & 1 deletion include/authz/listfile.h
Original file line number Diff line number Diff line change
Expand Up @@ -92,7 +92,7 @@ struct QAuthZListFile {
char *filename;
bool refresh;
QFileMonitor *file_monitor;
int file_watch;
int64_t file_watch;
};


Expand Down
16 changes: 8 additions & 8 deletions include/qemu/filemonitor.h
Original file line number Diff line number Diff line change
Expand Up @@ -52,7 +52,7 @@ typedef enum {
* empty.
*
*/
typedef void (*QFileMonitorHandler)(int id,
typedef void (*QFileMonitorHandler)(int64_t id,
QFileMonitorEvent event,
const char *filename,
void *opaque);
Expand Down Expand Up @@ -103,12 +103,12 @@ void qemu_file_monitor_free(QFileMonitor *mon);
*
* Returns: a positive integer watch ID, or -1 on error
*/
int qemu_file_monitor_add_watch(QFileMonitor *mon,
const char *dirpath,
const char *filename,
QFileMonitorHandler cb,
void *opaque,
Error **errp);
int64_t qemu_file_monitor_add_watch(QFileMonitor *mon,
const char *dirpath,
const char *filename,
QFileMonitorHandler cb,
void *opaque,
Error **errp);

/**
* qemu_file_monitor_remove_watch:
Expand All @@ -123,6 +123,6 @@ int qemu_file_monitor_add_watch(QFileMonitor *mon,
*/
void qemu_file_monitor_remove_watch(QFileMonitor *mon,
const char *dirpath,
int id);
int64_t id);

#endif /* QEMU_FILE_MONITOR_H */
Loading

0 comments on commit b4682a6

Please sign in to comment.